Date: Sun, 30 Dec 2001 22:31:22 +0100 From: Cliff Sarginson <cliff@raggedclown.net> To: FreeBSD-questions@FreeBSD.ORG Subject: Re: Can I rename root? Message-ID: <20011230213122.GB1245@raggedclown.net> In-Reply-To: <200112302056.fBUKujU15646@berbee.com> References: <20011229154552.B855@localhost> <20011230103317.A474@localhost> <200112302041.NAA21129@cepheus.azstarnet.com> <200112302056.fBUKujU15646@berbee.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 30, 2001 at 02:56:31PM -0600, Rob Zietlow wrote: > On Sunday 30 December 2001 02:41 pm, Jeffrey wrote: > > On Sunday 30 December 2001 02:33 am, Rogier Steehouder wrote: <snip> To repeat, it is pointless. Security through obscurity is an illusion. Besides which, few crackers try to crack passwords, if chosen well it can take years. They go for holes in programs. Imagine I am a cracker, I surf this list because I know I can hear tips, pick up on security issues. I now know: - You have renamed root (that will really have the crackers shitting their pants) - You use Postfix - You told me all this in your mail... > /etc/aliases I had already redirected root to my regular user: > no problem > /etc/crontab Replaced 'root' with 'admin' > /etc/ftpusers Not critical, but added 'admin' > /etc/gettytab User for autologin > /etc/inetd Don't use it > /etc/login.access Small change > /etc/login.conf Has a special entry for root > /etc/rc Changed 'chown root:wheel' in 'chown > 0:0' > /etc/security Don't use it > /etc/syslog Small change > /usr/local/etc/postfix/postfix-script > Some minor changes > /usr/local/etc/webmin/... > Starts some daemons as root I know your email address. If you have a domain I can find it and your IP. I know who your ISP is and what O/S they use. I can find out what DNS you use, and your Mail Exchanger. I could make some guesses at your login name. actually, and probably guess you are in group "wheel". I know what MUA you use. I know your run FreeBSD, and could probably find the version in a few seconds. I could go on...changing root's name will achieve *nothing* of any value. Sooner or later it will confuse you. Just reduce root access to the minimum, and disallow external access to it. And learn something about security. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011230213122.GB1245>